Microsoft Security Bulletin Coverage for April 2017

SonicWall has analyzed and addressed Microsoft and Adobe’s security advisories for the month of April, 2017. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverage

• CVE-2017-0058 Win32k Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0093 Scripting Engine Memory Corruption Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0106 Microsoft Outlook Remote Code Execution Vulnerability
  SPY:4460 Malformed-File rtf.MP.18
• CVE-2017-0155 Windows Graphics Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0156 Windows Graphics Component Elevation of Privilege Vulnerability
  SPY:1450 Malformed-File exe.MP.30
• CVE-2017-0158 Scripting Engine Memory Corruption Vulnerability
  IPS:12715 Scripting Engine Memory Corruption Vulnerability (APR 17) 2
• CVE-2017-0159 ADFS Security Feature Bypass Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0160 .NET Remote Code Execution Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0162 Hyper-V Remote Code Execution Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0163 Hyper-V Remote Code Execution Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0164 Active Directory Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0165 Windows Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0166 LDAP Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0167 Windows Kernel Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0168 Hyper-V Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0169 Hyper-V Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0178 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0179 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0180 Hyper-V Remote Code Execution Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0181 Hyper-V Remote Code Execution Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0182 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0183 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0184 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0185 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0186 Hyper-V Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0188 Win32k Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0189 Win32k Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0191 Windows Denial of Service Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0192 ATMFD.dll Information Disclosure Vulnerability
  SPY:1433 Malformed-File pfb.MP.2
• CVE-2017-0194 Microsoft Office Memory Corruption Vulnerability
  IPS:12716 Microsoft Office Memory Corruption Vulnerability (APR 17)
• CVE-2017-0195 Microsoft Office XSS Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0197 Office DLL Loading Vulnerability
  IPS:12718 ceutil.dll Insecure Library Loading
• CVE-2017-0199 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API
  SPY:1446 Malformed-File rtf.MP.17
• CVE-2017-0200 Microsoft Edge Memory Corruption Vulnerability
  IPS:12717 Microsoft Edge Memory Corruption Vulnerability (APR 17) 2
• CVE-2017-0201 Scripting Engine Memory Corruption Vulnerability
  IPS:12708 Scripting Engine Memory Corruption Vulnerability (APR 17) 1
• CVE-2017-0202 Internet Explorer Memory Corruption Vulnerability
  IPS:12709 Internet Explorer Memory Corruption Vulnerability (APR 17) 1
• CVE-2017-0203 Microsoft Edge Security Feature Bypass Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0204 Microsoft Office Security Feature Bypass Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0205 Microsoft Edge Memory Corruption Vulnerability
  IPS:12710 Microsoft Edge Memory Corruption Vulnerability (APR 17) 1
• CVE-2017-0207 Microsoft Office Spoofing Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0208 Scripting Engine Information Disclosure Vulnerability
  There are no known exploits in the wild.
• CVE-2017-0210 Internet Explorer Elevation of Privilege Vulnerability
  IPS:12712 Internet Explorer Elevation of Privilege (APR 17) 1
• CVE-2017-0211 Windows OLE Elevation of Privilege Vulnerability
  There are no known exploits in the wild.
• CVE-2013-6629 libjpeg Information Disclosure Vulnerability
  There are no known exploits in the wild.

Adobe Coverage

APSB17-10 Security updates for Adobe Flash Player:

• CVE-2017-3058 Adobe Flash Player Use After Free Vulnerability
  Spy:1417 Malformed-File swf.MP.549
• CVE-2017-3059 Adobe Flash Player Use After Free Vulnerability
  Spy:1418 Malformed-File swf.MP.550
• CVE-2017-3060 Adobe Flash Player Memory Corruption Vulnerability
  Spy:1419 Malformed-File swf.MP.551
• CVE-2017-3061 Adobe Flash Player Memory Corruption Vulnerability
  Spy:1420 Malformed-File swf.MP.552
• CVE-2017-3062 Adobe Flash Player Use After Free Vulnerability
  Spy:1421 Malformed-File swf.MP.553
• CVE-2017-3063 Adobe Flash Player Use After Free Vulnerability
  Spy:1422 Malformed-File swf.MP.554
• CVE-2017-3064 Adobe Flash Player Memory Corruption Vulnerability
  Spy:1423 Malformed-File swf.MP.555

APSB17-11 Security Updates for Adobe Acrobat and Reader:

• CVE-2017-3013 Adobe Acrobat Reader Insecure Library Loading Vulnerability
  Spy:1406 M
  alformed-File pdf.MP.219
• CVE-2017-3014 Adobe Acrobat Reader Use After Free Vulnerability
  Spy:1407 Malformed-File pdf.MP.220
• CVE-2017-3017 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1408 Malformed-File pdf.MP.221
• CVE-2017-3019 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1409 Malformed-File pdf.MP.222
• CVE-2017-3020 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1410 Malformed-File pdf.MP.223
• CVE-2017-3021 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1411 Malformed-File pdf.MP.224
• CVE-2017-3022 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1412 Malformed-File pdf.MP.225
• CVE-2017-3023 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1413 Malformed-File pdf.MP.226
• CVE-2017-3024 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1414 Malformed-File pdf.MP.227
• CVE-2017-3025 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1415 Malformed-File pdf.MP.228
• CVE-2017-3026 Adobe Acrobat Reader Use After Free Vulnerability
  Spy:1416 Malformed-File pdf.MP.229
• CVE-2017-3029 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1405 Malformed-File pdf.MP.218
• CVE-2017-3032 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1424 Malformed-File pdf.MP.235
• CVE-2017-3033 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1432 Malformed-File pdf.MP.232
• CVE-2017-3042 Adobe Acrobat Reader Heap Overflow Vulnerability
  Spy:1425 Malformed-File tif.MP.5
  Spy:1426 Malformed-File tif.MP.6
  Spy:1428 Malformed-File tif.MP.7

• CVE-2017-3044 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1430 Malformed-File pdf.MP.230
• CVE-2017-3045 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1431 Malformed-File pdf.MP.231
• CVE-2017-3046 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1434 Malformed-File pdf.MP.233
• CVE-2017-3047 Adobe Acrobat Reader Use After Free Vulnerability
  Spy:1435 Malformed-File pdf.MP.234
• CVE-2017-3048 Adobe Acrobat Reader Heap Overflow Vulnerability
  Spy:1436 Malformed-File tif.MP.8
• CVE-2017-3049 Adobe Acrobat Reader Heap Overflow Vulnerability
  Spy:1437 Malformed-File tif.MP.9
• CVE-2017-3050 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1438 Malformed-File gif.MP.1
• CVE-2017-3051 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:1441 Malformed-File jpg.MP.5
• CVE-2017-3052 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1443 Malformed-File emf.MP.13
  Spy:1445 Malformed-File emf.MP.14
• CVE-2017-3053 Adobe Acrobat Reader Memory Address Leak Vulnerability
  Spy:1447 Malformed-File jpg.MP.6
• CVE-2017-3055 Adobe Acrobat Reader Heap Overflow Vulnerability
  Spy:1448 Malformed-File pdf.MP.237
• CVE-2017-3056 Adobe Acrobat Reader Memory Corruption Vulnerability
  Spy:4237 Malformed-File pdf.MP.238
• CVE-2017-3057 Adobe Acrobat Reader Use After Free Vulnerability
  Spy:1449 Malformed-File pdf.MP.236

Security News

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.